[Samba] Winbind authentication issues when single Domain Controller down
Jeremy Allison
jra at samba.org
Mon Apr 25 18:42:30 UTC 2022
On Mon, Apr 25, 2022 at 11:56:22AM -0500, Richard Anderson via samba wrote:
>When one of our domain controllers is restarted or down, occasionally we
>will have a large number of errors on our Samba server. This appears to
>depend on whatever domain controller is being used by winbind.
>
>We found this out when several of our users reported they could not login
>to our Samba server. Logs indicated NT_STATUS_NO_LOGON_SERVERS. This was on
>a reboot of one of our domain controllers. Once the domain controller was
>back up we were able to login to the server.
>
>Does the 'password server' setting work? Is there another setting I should
>consider?
>
>We use winbind for authentication. When the domain controller that is being
>used is down, wbinfo -P will take several minutes before failing and does
>not appear to switch to another server on the second or third attempt.
>
>*Tried (smb.conf)*
>
> - winbind offline login = yes
> - winbind cache time = 600
> - password server = dc1.ourdomain.company_domain.com,
> dc2.ourdomain.company_domain.com,dc3.ourdomain.company_domain.com
What Samba version ? Modern Samba code to find a DC will
ping DC's in parallel and pick the first one that responds.
More information about the samba
mailing list